Part of this Horizon view deployment will be to have the connection server logging its events and a configured view composer server. For this we’ll need two databases.

While I am working with the Express version of MSSQL, the following steps will also apply to other versions of MSSQL (excluding the Linux version). In a production environment you definitively will want to run either standard or enterprise. There is also the developer edition, which is a full featured version for testing and development only.

Click OK. While you can restart the service to get the new security changes to apply, I usually just reboot the server.

Setting up the Horizon View Events Database and creating the user.

Start the Microsoft SQL Server Management Studio.

Select Connect to login.

Expand the instance, right click on Database and select New Database…

Give the database a name. I chose ViewEvent.

Select Options and make sure the options match the attachment below and click OK.

Expend Security, right click Logins, and select New Login…

Type in a name for your user (I used ViewEvent). Select SQL Server authentication and type in a password. Unselect Enforce password policy. Change the Default database to ViewEvent or whatever you named you database in step 4.

Select User Mapping. Select the database you created above and in the bottom pane select db_owner.

Click OK and we’ve successfully created the Events database and user. Now onto the composer DB.

Setting up the Horizon View Composer Database and creating the user.

Start the Microsoft SQL Server Management Studio.

Select Connect to login.

Expand the instance, right click on Database and select New Database…

Give the database a name. I chose ViewComposer.

Select Options and make sure the options match the attachment below and click OK.

Expend Security, right click Logins, and select New Login…

Type in a name for your user (I used viewcomp). Select SQL Server authentication and type in a password. Unselect Enforce password policy. Change the Default database to ViewComp or whatever you named you database in step 4.

Select User Mapping. Select the database you created above and in the bottom pane select db_owner.

Click OK and we’ve successfully created the Composer database and user.

In this part we’ve created the two main DB’s we’ll need for view. So just something to note. In this setup I have used SQL accounts for the databases however in most prod environments that would most likely be heavily discouraged. If you do choose to go down the domain account route then you don’t need to change the authentication mode.

Over the last couple of months (with another work colleague) I’ve been looking into Horizon view 7.4. (edit: and now 7.5)

So far I really like what I see. It looks like VMware has put fair amount of effort in the the product lately. From instant clones (windows and Ubuntu) to automated full fat clones for Linux, the product is really starting to look slick.

The next series of blog posts will be covering the installation and configuration of Horizon view, setting up various different solutions (Linux desktops, View security server and as an alternative the Unified Access Gateway, etc) and will take a look at the various “additionals” available, this includes the paks for vRealise Operations Manager and Log Insight.

So what will we need and be setting up to get the basics going?

Lab (I’ve covered how to build this a while back, its a bit old but should still get you started).

Certificate Authority for our domain.

SQL server 2016 Express and SQL server 2016 management tools. Note: While the express version of SQL sever isn’t on the interoperability matrix it does work.

A minimum of 3 Windows servers which will run:

View Connection server

View Composer Server, which will also run our instance of SQL express.

View Security Server

Horizon View Software (Download the lot)

Windows 10 Enterprise

2 Popular Linux Disto’s.

Centos

Ubuntu

While there can seem to be quite a lot of moving parts, I would expect most prod environments to have access to either SQL standard as a minimum or Oracle (12C standard release 1 and 2 are supported) as well as a CA (certificate Authority).

Our three windows servers, which will form the base of our deployment, will be configured as follows:

Windows 1 – Connection server

Windows 2 – Security Server

Windows 3 – Composer and SQL Express server

Before we run through the View install’s I’ll first go through setting up and configuring the CA, getting the cert onto the windows connection server, and configuring SQL for the two DB’s we’ll need.

There have been a few posts speculating on the future of VSAN and I for one am looking forward to it with great anticipation. However, I don’t think VMware really know what a hugely transformative technology VSAN could be.

I was lucky enough to attend VMworld 2015 and luckier to be invited to the VSAN pioneer summit, which gave us a real in-depth look at the future of VSAN. I liked what I was seeing but about an hour towards the end of the allotted time I put my hand up and asked why there were no NAS features planned for the future release. I mean it makes sense doesn’t it? Where’s NFS, where’s SMB? I know a linux architect who would love to see this come in.

If you really want to do the software defined storage thing then really go for it. NSX is the current favourite child. its being pushed everywhere, including presence into “competitors” such as AWS. So where’s the love for VSAN? Push this technology and it will really change the datacenter.

First Thoughts.

What if VMware made a VSAN only cluster, no VM’s allowed only storage exports. This would put them in direct competition with Storage vendors and would greatly reduce the cost for storage in the datacenter and allow for a huge amount of flexibility for businesses of all sizes. lets explore this idea more!

Folders (native on the file system) or VMDK’s

VMDK wins. I would think that using VMDK’s instead of folders would be a much better idea. There would be no real changes needed to the VMFS file system to accommodate a much more granular permission structure that would be required by SMB. ESXi could mount the VMDK and write any file system in there. VMDK’s can be accessed by multiple ESXi hosts.

NFS3 – NFS4 – SMB2.x – SMB3

We already know that NFS4 and SMB3 can take advantage of multiple IP addresses (hosts) to provide multi-channel and VMware clusters are, quite frankly, an incredible implementation of clustering technology. Mounting the VMDK to multiple ESXi hosts would allow the data to be taken advantage of by NFS4 and SMB3 compliant hosts.

SMB2.x and NFS3 prefer to access data through a single IP address or hostname. Now this is easy to implement immediately but if you want to add a bit more intelligence around it, some kind of construct that has a virtual IP that could move between hosts or something like the virtual IP address technology from Log insight clusters. Easier said than done I know but still should be considered.

Redundancy and performance

Kinda obvious, i know, but redundancy would be taken care of by VMware clustering technology. three or four hosts and that’s that taken care of.

Performance on the other hand could be very interesting topic, a complex topic, but still interesting. I would guess in the thousands of IOPs. There would be many factors to consider. Network speed, controller card, SSD speed, SSD size, and so on and so forth. In a future post I’ll look at this again.

Licensing

As this is only intended to be a storage service the licensing should be one ESXi-VSAN license (I’ve guessed it to be £1,500 but could be as high as £2,000, which I’ve also given as a cost per TB below)

Total Cost

So this is interesting and I’ve decided to look at a couple of real world examples below.

Dedicated Storage Appliance

I have a quote from a major vendor for £198,409.45. This figure gives us 48TB of HDD storage in 64 SAS disks and 9TB of SSD storage in 8 SSD disks (these figures are usable). For this project we decided to use the SSD as a caching layer. As you would expect from an enterprise storage system it has a good deal of redundancy built-in with 4 nodes to manage the storage and 8 x 10GB Ethernet ports. All in, not bad for the price point and a good system all round.

Dedicated VSAN Cluster

Putting together our VSAN only node, to compete on numbers, I would size it like this: Looking at an HP DL380 Gen9 with one CPU (E5-2623) 32GB of Ram. Two disk pools with 1 x 800GB SSD and 7 X 1.2TB SAS disks each, giving us 1.6TB of SSD cache and 7.5TB of SAS storage (again these figures are usable based of a default VSAN storage policy of 2n). Two 10GB Ethernet ports.

To get the equivalent amount of usable storage as the popular storage vendors array we’d need 7 VSAN nodes.

So for the costs:

Items

Storage Vendor

VSAN

Nodes

4

7

10GB Network

8

14

SSD Cache Size

9.2TB

10.5TB

Usable SAS

48.5TB

52.9TB

Cost per system

£198,409.45

£109,320.40

Cost per TB

£4,090.92

£2,066.55

Note 1: I have estimated the cost of the VSAN license at £1,500. If the license were £2,000 then the cost per TB for VSAN would be £2,132.71.

Note 2 : (To be fair) The Storage vendor has extra goodness built-in to accelerate workloads and the hardware will be optimised and custom designed to do nothing but server data.

The above figures, which speak for themselves, are all based on real quotes and would be for an enterprise deployment.

If VMware really wanted this to be everywhere they could address smaller shops by allowing a single node VSAN. Why not; that would allow anybody to get a foot in and expand as their business grows.

So VMware, when will this be a reality for us?

Please let me know what you think and it there are any glaring errors. I’m also happy to discuss any of the above.

Carrying on with my Graylog posts, the following will give you an introduction to creating a basic but functional dashboard.

Why do you need a dashboard? Well you can view a number a widgets very quickly which can all be configured with separate search queries. What’s really convenient is that it’s your dashboard, not one that the vendor thinks you will need. Every environment has different requirements. Perhaps you are tracking iSCSI disconnects and want to see a count of the number of iSCSI errors you are getting prior to the event, maybe want to track how many logs vpxa generates, or list the amount of port scans you are getting on your external firewall. It’s really defined by you.

Browse to your Graylog server and login.

Click on Dashboard on the Menu across the top.

Once the Dashboards tab has opened click Create Dashboard.

Give your new Dashboard a name and description.

You now have a brand new empty dashboard. lets get some widgets generated and add them in.

Click on Search in the menu bar and in the search field type something that you’d like to keep an eye on. For this purpose I’ve chosen the vpxa. It’s noisy and will be a good example.

This will return, a histogram and a bunch of messages.

Lets add the histogram to the dashboard. In the histogram pane click on Add to dashboard and select the dashboard you want to add the histogram to.

And lets add one more. In the Fields pane, expand Messages and click Quick Values. Then in the Quick values for message Click Add to dashboard and select your dashboard.

Go through the various fields and widgets and add what you think will be useful.

Back to our dashboard. Click on Dashboard in the Menu across the top and then click on the name of the dashboard you just created.

You’ll now see the widgets you’ve added to your dashboard. You’ll also see three buttons, Update inbackground, fullscreen and unlock/edit. To rearrange your widgets click unlock/edit and move them around as needed. Update in background keeps the widgets live and fullscreen puts the screen into a display mode which could be useful to display on screens around the IT department.

Once you are done move things around click lock to take it out of editing mode.

The above does go through creating a very basic dashboard by once again this demonstrates how useful Graylog really is. If you are looking for log monitoring you will be in a safe place with Graylog. The flexibility and scalability, absolutely compete with, and often exceed, the larger paid for rivals.

The first of the VCDX defense dates for 2016 have been announced and in the last week a new round of VCDX’s have received their emails and a big congratulations to all of them

I’ve been looking forward to the new 2016 dates for a while. This gives me a time frame to get all the requirements together.

If all goes according to plan I’m hoping to defend in the last week of April but that means I need to submit but the 11th of February. which is only three short months away and I still have a huge amount to get together.

As I work through various part of my design I’ll be tracking my progress through this blog.

Designs that are your own are easier to justify, or are they? Take one of your own designs (as I’ve done with this one), and try to look at it with fresh eyes. It’s yours, yes, but can you really quantify every decision to a third-party. Why have you chosen to ignore LACP, why aren’t you using resource pools, why have you used the windows deployment of vCenter server instead of the appliance. iSCSI vs NFS. 5 Hosts, really, why not 3 larger hosts instead? Want to bring in VVOLs, have you spoken with the storage team to find out if it can fit with their vision? Why, Why, Why?

All of the above and more needs to be worked through. The foundation of my design is one that I have done for the company I currently work for. It is a two DC deployment with SRM to replicate between them. My submission will be partly fictitious as I want to take what I currently have and update it. I’ll need to go through and look at every decision and document it.

I understand that this will be a huge undertaking but I am looking forward to it. Most importantly I have the support of my family.

Monitoring systems usually tell you when there’s a problem and what the problem is, but logs can tell you about the problem, what happened before, and what happened after. In other words logs provide a critical source of information when anything happens in your environment, from the seemingly mundane (NTP update) to the more terrifying (all paths down).

It’s always a good idea to collect logs is some form or another, being able to look through historical logs or requests from support people allows you to start looking for the cause, or a pattern. Usually a log entry gets sent from a system to a syslog box and gets added to the log file created for that system. Not only is it a good idea to have external logging for your ESXi servers but you should also log the VCSA/PSC and any supporting infrastructure, eg “first hop” switches, storage, etc… It still surprises me that many companies don’t actively do this.

Capturing all of that creates a huge amount of data which can be very labour intensive to sift through to get what you need. Apart from something to capture the logs, you should also look at a log organiser, something like vRealize Log Insight, which I really like and have marked to blog about at a later date, or Splunk. Unfortunately both solutions come with a price tag.

And this is where Graylog comes in. “Graylog is a fully integrated open source log management platform for collecting, indexing, and analyzing both structured and unstructured data from almost any source.”

All graylog deployments will have the same basic features: Graylog server, Web interface, Elasticsearch, MongoDB.

For a first look I would strongly recommend the Graylog appliance that’s distributed as an OVA. The beauty of the OVA is that is can be deployed as an all-in-on solution for smaller deployments, or configured for a single component via the graylog-ctl script for larger workloads. For those of you asking it does have beta support for Docker.

The interface is similar to other loggers, which is not a bad move in my opinion, as its what works best.

Searches are snappy and respond quickly. The query syntax is simple and doesn’t require you to have a degree in programming. Type esx01 and it will return everything with esx01. Type esx01 esx02 and it with return all entries with esx01 or esx02. But place the two in quotations, “esx01 esx02” and it will look for the exact phrase.

Dashboards are highly customisable and very easy to setup the one below was based on vsan for a rolling 5 minute window and took a couple of minutes to setup.

Support is done through the community but can be purchased at three levels, with different SLA’s for response and different ways to contact the company. I’m not sure of the cost but I guess much of that would be around the size of your deployment.

If you don’t want to use the OVA, graylog also has official deb and rpm package repositories for Ubuntu, Centos and Debian, which make it easy to install with two or three commands. I tested both the OVA, and the package install on CentOS. Both methods were really simple to deploy.

Graylog should be a serious consideration for any company, big or small, and is very good example of an enterprise opensource project.

While the vSphere 6 announcement was expected by the community the EVALexperience was a real surprise, to me anyway.

What does this mean? Well, in addition to all the benefits that come with a VMUG advantage subscription you now get the ability to use a bunch of VMware’s software for the duration of your subscription. No rebuilds every couple of months which makes your home lab more “stable/persistent”and the list of available software looks quite good.

With each new release of vSphere or SRM or NSX or VSAN or … or … or … a lab becomes more important.

But what do you want out of a lab? Do you want to test new software, create disposable environments, run a permanent infrastructure? I guess its really up to and your budget. For me its important to test new software, do early investigation before I approach work and study. Do I need permanent running infrastructure? Not really. I prefer nested a ESX solution. It suits me and my budget. However there are many instances when you would want a “physical” lab, Consultants for a start.

Anyway, I have only three bits of kit that are really important to creating my home lab.

Just a quick post:Firstly I would like to recommend the book VMware vSphere Design. I have been using it to study for my VCAP-DCD exam and so far its been a real help. The writing style is easy to read and the authors obviously know their stuff. It is available in eBook format too, which has been a real help for me.

Also vBeers in London soon: http://www.vbeers.org/2011/08/19/vbeers-london-thurs-1st-sept-2011/. Hope to see you there. If you aren’t in London have a look at the website http://www.vbeers.org/, there is a listing of vBeers around the world.